Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache test vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4094
The Tomcat server in IBM Rational Quality Manager and Rational Test Lab Manager has a default password for the ADMIN account, which makes it easier for remote malicious users to execute arbitrary code by leveraging access to the manager role. NOTE: this might overlap CVE-2009-354...
Ibm Rational Test Lab Manager
Ibm Rational Quality Manager
1 EDB exploit
NA
CVE-1999-0045
List of arbitrary files on Web host via nph-test-cgi script.
Netscape Communications Server 1.1
Apache Http Server 1.0.5
Apache Http Server 0.8.11
Netscape Enterprise Server 2.0a
Apache Http Server 1.0.2
Apache Http Server 1.1
Apache Http Server 1.0
Apache Http Server 1.0.3
Apache Http Server 0.8.14
Netscape Communications Server 1.12
Netscape Commerce Server 1.12
1 EDB exploit
NA
CVE-1999-0070
test-cgi program allows an malicious user to list files on the server.
Apache Http Server
1 EDB exploit
9.8
CVSSv3
CVE-2019-0187
Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests run...
Apache Jmeter 5.0
Apache Jmeter 4.0
9.8
CVSSv3
CVE-2018-1297
When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an malicious user to get Access to JMeterEngine and send unauthorized code.
Apache Jmeter 2.10
Apache Jmeter 2.11
Apache Jmeter 2.12
Apache Jmeter 2.13
Apache Jmeter 2.3.3
Apache Jmeter 2.3.4
Apache Jmeter 2.5.1
Apache Jmeter 2.5
Apache Jmeter 2.6
Apache Jmeter 2.7
Apache Jmeter 2.8
Apache Jmeter 2.9
Apache Jmeter 3.0
Apache Jmeter 3.2
Apache Jmeter 3.3
Apache Jmeter 3.1
Apache Jmeter 2.1
Apache Jmeter 2.2
Apache Jmeter 2.3
Apache Jmeter 2.4
Apache Jmeter 2.3.1
Apache Jmeter 2.3.2
3 Github repositories
9.8
CVSSv3
CVE-2018-1287
In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an malicious user to get Access to JMeterEngine and send unauthorized code.
Apache Jmeter 2.10
Apache Jmeter 2.11
Apache Jmeter 2.12
Apache Jmeter 2.13
Apache Jmeter 2.3.3
Apache Jmeter 2.3.4
Apache Jmeter 2.5.1
Apache Jmeter 2.5
Apache Jmeter 2.6
Apache Jmeter 2.7
Apache Jmeter 2.8
Apache Jmeter 2.9
Apache Jmeter 3.0
Apache Jmeter 3.2
Apache Jmeter 3.3
Apache Jmeter 3.1
Apache Jmeter 2.1
Apache Jmeter 2.2
Apache Jmeter 2.3
Apache Jmeter 2.4
Apache Jmeter 2.3.1
Apache Jmeter 2.3.2
NA
CVE-2012-5650
Cross-site scripting (XSS) vulnerability in the Futon UI in Apache CouchDB prior to 1.0.4, 1.1.x prior to 1.1.2, and 1.2.x prior to 1.2.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified parameters to the browser-based test suite.
Apache Couchdb 1.0.2
Apache Couchdb 1.1.0
Apache Couchdb 1.0.1
Apache Couchdb 1.0.0
Apache Couchdb 1.2.0
Apache Couchdb
Apache Couchdb 1.1.1
NA
CVE-2007-1355
Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 up to and including 4.0.6, 4.1.0 up to and including 4.1.36, 5.0.0 up to and including 5.0.30, 5.5.0 up to and including 5.5.23, and 6.0.0 up to and includin...
Apache Tomcat 4.0.4
Apache Tomcat 5.0.8
Apache Tomcat 5.0.19
Apache Tomcat 6.0.6
Apache Tomcat 5.0.14
Apache Tomcat 4.1.24
Apache Tomcat 5.0.22
Apache Tomcat 5.0.7
Apache Tomcat 6.0.7
Apache Tomcat 6.0.4
Apache Tomcat 5.0.9
Apache Tomcat 5.0.15
Apache Tomcat 5.0.30
Apache Tomcat 5.0.23
Apache Tomcat 5.0.2
Apache Tomcat 5.0.10
Apache Tomcat 5.0.21
Apache Tomcat 5.0.26
Apache Tomcat 6.0.10
Apache Tomcat 6.0.3
Apache Tomcat 5.0.6
Apache Tomcat 6.0.9
1 EDB exploit
NA
CVE-2002-2007
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote malicious users to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examp...
Apache Tomcat 3.2.4
Apache Tomcat 3.2.3
3 EDB exploits
9.8
CVSSv3
CVE-2017-7676
Policy resource matcher in Apache Ranger prior to 0.7.1 ignores characters after '*' wildcard character - like my*test, test*.txt. This can result in unintended behavior.
Apache Ranger
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »